I'm trying to set login sessions within my web app but can not get it to work. I'm new to django and read the documentation for sessions but not making the connection to my web app. All I want from it at the moment is to check if a user is logged in and if not redirect to the login page.
Heres the code that i am trying to incorporate login sessions.
settings.py
INSTALLED_APPS = (
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'logins',
'dashboards'
)
MIDDLEWARE_CLASSES = (
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
)
urls.py
from django.conf.urls import patterns, include, url
from django.conf import settings
from django.conf.urls.static import static
from django.contrib import admin
admin.autodiscover()
urlpatterns = patterns('',
url(r'^$', 'logins.views.login', name='login'),
url(r'^accounts/auth/$', 'logins.views.auth_view', name='auth_view'),
url(r'^accounts/dashboard/$', 'dashboards.views.dashboard', name='dashboard'),
url(r'^accounts/logout/$', 'logins.views.logout', name='logout'),
url(r'^accounts/invalid/$', 'logins.views.invalid', name='invalid'),
views.py for logins
from django.shortcuts import render, render_to_response, RequestContext
from django.http import HttpResponseRedirect, HttpResponse
from django.contrib import auth
from django.core.context_processors import csrf
def login(request):
c = {}
c.update(csrf(request))
return render_to_response('login.html', c)
def auth_view(request):
username = request.POST.get('username', '')
password = request.POST.get('password', '')
user = auth.authenticate(username=username, password=password)
if user is not None and user.is_active:
auth.login(request, user)
return HttpResponseRedirect('/accounts/dashboard')
else:
return HttpResponseRedirect('/accounts/invalid')
def logout(request):
auth.logout(request)
return render_to_response('logout.html')
def invalid(request):
return render_to_response('invalid.html')
views.py for dashboard app thats being logged into
from django.shortcuts import render, render_to_response, RequestContext
from django.http import HttpResponseRedirect, HttpResponse
from django.contrib import auth
from django.core.context_processors import csrf
def dashboard(request):
return render_to_response('dashboard.html')
Its very simple to do that in django: In this example the sessions will be saved in the db (you have to sync your django app with your database)
User-Login:
from django.contrib.auth.models import User
from django.contrib.auth import authenticate, login
if request.method == 'POST':
username = request.POST.get('nickname','')
password = request.POST.get('password','')
user = authenticate(username=username, password=password)
if user is not None:
if user.is_active:
request.session.set_expiry(86400) #sets the exp. value of the session
login(request, user) #the user is now logged in
And for the other sites (where you need to be loggedin):
def my_func(request):
if request.user.is_authenticated():
print (user.id) #the user is loggedin
Or you use the login_require
-decorator:
from django.contrib.auth.decorators import login_required
@login_required
def my_func(request):
print(user.id) #the user is loggedin
You can use Django's built-in authentication system which takes care of checking whether a user is logged in or not. You can use login_required decorator.
views.py
from django.contrib.auth.decorators import login_required
@login_required
def my_view_login_required(request):
return render_to_response('dashboard.html')
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With